
1

BEC112996

A form of compensation that would most likely align shareholder interest with
management conduct is:

Salary plus a bonus for the current period

Salary plus equity stock options

Salary plus stock options that cannot be exercised for 8 years

A fixed salary

The correct answer is (c).

The best form of executive compensation that aligns management's conduct with
shareholders' objectives is a combination of fixed and incentive based compensation
related to long term stock price. If managers are given too much fixed
compensation, they may become too complacent and may not take appropriate risks. If
managers are given too much incentive based compensation related to short term,
they may take excessive risks to maximize their compensation. Therefore, a
combination of both fixed and incentive based compensation related to long term
stock price is best.

Option (a) is incorrect because a salary plus a bonus for the current period is a
compensation based on performance measured by accounting profit which can be
manipulated or managed. Therefore, it is not the best form of compensation.

Option (b) is incorrect because salary plus equity stock options related to short
term may encourage management to put excessive focus on increase of the stock price
in the short term at the expense of long term stock value. However, the risk appetite
for managers to maximize their compensation is lesser in stock plus stock option
incentives when compared to salary plus bonus based on profit incentives.

Option (d) is incorrect because a fixed salary is not the best compensation as it
may encourage managers to become complacent and not take appropriate risks to
increase share price.

2
BEC112988

According to the International Standards for Professional Practice of Internal
Auditing, both risk appetite and risk tolerance set boundaries of how much risk an
entity is prepared to accept. The chief audit executive of a company applies
internal audit procedures to the company’s system of controls over accidental
pollution and determines that the likelihood and impact of accidental carbon
emission exceeds the company's risk appetite. How should the auditor report his
findings?

Report the findings to the regulatory agency


Report to senior management first and if not resolved report to board of directors

Report to the Board of directors

Report only to senior management

The correct answer is (b).

A primary function of the audit executive is to provide assurance on the
effectiveness of risk management and the strength of the control environment of a
company. He may advise management (must, when it is about compliance, risk
management, internal controls) and the board of directors regarding how to better
execute their responsibilities.

The auditor should report any critical findings to the management first and try to
get a resolution. He should also report critical issues to the audit committee of
the board of directors, along with management's progress towards resolving them on
a regular basis.

Option (a) is incorrect as the Chief Audit Executive (CAE) is not required to
report to external agencies. The CAE is a part of the corporation who reports
functionally to the audit committee and administratively to the Chief Executive
Officer.

Option (c) is incorrect because the internal auditor should first approach the
management in case of any issue of risk or control and try to get a resolution from
them.

Option (d) is incorrect because the internal auditor should first report the issue
to the senior management and in case there is no resolution, he should report to
the audit committee of the board of directors.

3
BEC11415

Enterprise risk management:

helps an organization to better understand how mission, vision, and core values
form the initial expression of what types and amount of risk are acceptable to
consider when setting strategy.

helps an organization to increase its net profit by eliminating non-value-added
activities and improving the effectiveness and efficiency of business processes.

analyses business performance from four perspectives—financial, customer &
stakeholder, internal business process and learning & growth.

eliminates repetitive processes and greatly reduces the need to manually enter
information.

The correct answer is (a).


Enterprise risk management helps an organization better understand:

i) How mission, vision, and core values form the initial expression of what types
and amount of risk are acceptable to consider when setting strategy.

ii) The possibility that strategy and business objectives may not align with the
mission, vision, and core values.

iii) The types and amount of risk the organization potentially exposes itself to by
choosing a particular strategy.

iv) The types and amount of risk inherent in carrying out its strategy and
achieving business objectives and the acceptability of this level of risk, and
ultimately, value.

Options (b), (c) and (d) are incorrect based on the above explanation.

4
BEC11425

The 5 inter-related components in the updated ERM Framework are supported by a set
of _____.

18 principles

25 principles

20 principles

23 principles

The correct answer is (c).

Under COSO’s ERM updated 2017 Framework, ERM consists of 5 components {Mnemonic:
CRIME}: Governance & Culture; Strategy & Objective-setting; Performance; Review and
Revision; and Information, Communication & Reporting. The 5 inter-related
components in the updated ERM Framework are supported by a set of 20 principles.

Options (a), (b) and (d) are incorrect based on the above explanation.

5
BEC314105

Mailing disbursement checks and remittance advices should be controlled by the
employee who

Approves the vouchers for payment.


Matches the receiving reports, purchase orders, and vendors’ invoices.

Maintains possession of the mechanical check-signing device.

Signs the checks last.

The correct answer is (d).

The treasurer signs the checks and immediately after signing cancels the supporting
documents so that they will not accidentally be processed again at a later time.
The treasurer then places the check in the envelope, seals it, and arranges for
mailing.

Options (a) and (b) are incorrect because the accounts payable department would usually
match the receiving reports, purchase orders and vendor’s invoices and approve
vouchers for payment when all documentation is proper and present.

Option (c) is incorrect because when a mechanical check-signing device is used,
there is generally dual control. One person maintains possession of the device and
the other controls the signature plates. The person with possession of the device
would not mail disbursement checks, since mailing should be done by the last check
signer.

6
BEC118791

While designing and implementing controls, organizations must decide whether the
control is

designed to prevent an issue

designed to detect an issue

determines if the controls will involve human effort

all of the above

The Correct Answer is (d).


Organizations must design sufficient controls around their processes to protect the
organization, and other stakeholders, while also ensuring effectiveness and
efficiency. When designing and implementing controls organizations must decide
whether the control is designed to prevent an issue or detect issues that may have
occurred, while also determining if the controls will involve human effort and
judgment or if the control can be automated.

Options (a), (b), (c) are incorrect as all the options (and not only one in
isolation) should be considered while designing and implementing the controls.

7
BEC113543

Which of the following statements is correct concerning the rights of board of
directors and shareholders?

Shareholders have voting rights towards hiring of senior management of the company.

Board of directors need to take shareholders’ approval for increasing management’s
compensation.

Shareholders are responsible for ensuring accurate financial reporting by
corporation.

Board of directors cannot take an independent decision on merger of the
corporation.

The correct answer is (d).


The shareholders' rights are as follows:

- Right to elect the Board of Directors.
- Right to vote on certain matters like:
  - Electing the Board of directors.
  - Proposed corporate changes (e.g. amend Articles of Incorporation, substantial
    changes).
  - Matters that affect their ownership (stock split, mergers and acquisitions).
- Right to receive dividends if declared by the Board of Directors.
- Preemptive right (“first option to buy”) - before stocks are offered to outsiders,
  existing shareholders are given the option to purchase stock so that their
  ownership is not diluted.
- Right to inspect books and records of the corporation in good faith and for a
  proper purpose.
- Right to sue on behalf of the corporation (e.g. if shareholders' rights are
  violated, wrongful act by directors / officers).

Thus, the Board of directors needs to take shareholders’ approval for decisions on
merger of the corporation, as the shareholders have voting rights towards
fundamental changes affecting the corporation.

Option (a) is incorrect because shareholders have no voting rights towards hiring
of senior management of the company. Senior management is hired by the board of
directors of the corporation.

Option (b) is incorrect because board of directors need not take shareholders’
approval for increasing management’s compensation, as board of directors are only
responsible for determining management’s compensation.

Option (c) is incorrect because board of directors (not shareholders) is
responsible for ensuring accurate financial reporting by corporation.

8
BEC118787

Which of the following is an example of cross footing in process control?

An accountant summing the assets side and verifying it to the liabilities and
equity side

A financial analyst plotting beta curve from the historical data

A management accountant verifying the marginal safety calculated to the margin of
safety using the graphical method

An investment analyst plotting the NPV profile and determining whether the IRR
calculated by trial and error is the same as in the graph

The correct answer is (a).


Cross-footing is testing the sum of a column of row totals against the sum of a row
of column totals; verifying that the results are identical provides some assurance
as to accuracy. Verifying the assets and the liabilities and the equity side is an
example of cross footing.

Option (b), Option (c), and Option (d) are incorrect based on above explanation.

9
BEC113579

Developing general controls over information technology would be a part of which of
the components of internal controls?

Control Environment.

Existing control activities.

Monitoring.

Information and communication.

The correct answer is (b).


Selecting and developing general control activities over technology is a part of
existing control activities which are put in place to mitigate the risk of the
achievement of objectives (Mnemonic: E of CRIME).

Options (a), (c) and (d) are incorrect based on the above explanation.

10
BEC111776

Which of the following positions best describes the nature of the Board of
Directors of ABC Co's relationship to the company?

Agent.

Executive.

Fiduciary.

Representative.

The correct answer is (c).


The Board of Directors is a body of elected or appointed members who are jointly
charged with running the corporation on behalf of the shareholders and other
stakeholders. The Board of Directors is responsible for providing strategic
direction and guidance for the establishment of the key business objectives of the
corporation. They must exercise ordinary care and due diligence in performing their
duties. Although directors may be considered as the agents or executives or the
representatives of the company, the best description of the nature of the
relationship that the directors have with the company is fiduciary.

Options (a), (b) and (d) are incorrect as per the above explanation.

1
BEC113145

Which of the following organizations was established by the Sarbanes-Oxley Act of
2002 to control the auditing profession?

Information Systems Audit and Control Foundation (ISACF).

IT Governance Institute (ITGI).

Public Company Accounting Oversight Board (PCAOB).

Committee of Sponsoring Organizations (COSO).

The correct answer is (c).

The Sarbanes Oxley Act (SOX) of 2002 was enacted by the US government to enhance
corporate responsibility, financial disclosure, and to battle corporate and
accounting fraud. SOX also created the Public Company Accounting Oversight Board
(PCAOB), under Title I, to oversee the activities of the auditing profession.

PCAOB is a non-profit private body, entrusted with the responsibilities of

- registering public accounting firms

- establishing auditing, quality control, ethics, independence, and other standards
relating to public company audits

- conducting inspections, investigations, and disciplinary proceedings of registered
accounting firms and

- enforcing compliance with Sarbanes Oxley

Option (a) is incorrect because ISACF, now known as Information Systems Audit and
Control Association (ISACA) is focused on IT governance. ISACA has developed a
framework, referred to as COBIT, for information technology (IT) and IT governance.
The COBIT framework is business oriented in that it provides a systemic way of
integrating IT with business strategy and business risk.

Option (b) is incorrect because ISACA formed the ITGI to focus on original
research on IT governance and related topics.

Option (d) is incorrect because the Committee of Sponsoring Organizations (COSO)
was organized to sponsor the National Commission on Fraudulent Financial Reporting.
It is an independent private-sector initiative that studied the causal factors that
can lead to fraudulent financial reporting. It also developed recommendations for
public companies and their independent auditors, for the SEC and other regulators,
and for educational institutions.

2
BEC118775

According to the Sarbanes-Oxley Act of 2002, each of the following is a corporate
responsibility requirement, except:

The audit committee of the issuer is directly responsible for the appointment,
compensation, and oversight of the registered accounting firm.

The audit committee chairperson must certify that the quarterly report filed with
the SEC fairly presents the financial condition and results of operations

The audit committee of the issuer must establish whistleblowing mechanisms and
procedures within the issuer.

Each audit committee member of the issuer must be independent.

The correct answer is (b).

The management (including CEO and CFO) certify periodic reports filed with SEC (e.g.
annual 10K, quarterly 10Q). The audit committee chairperson is usually an
independent person and therefore cannot certify the financial reports. That the audit
committee is required to be independent means that no member of the audit committee
may accept any consulting, advisory, or other compensatory fees from the Company
(other than board or committee fees) or be affiliated with the Company.

Options (a), (c) and (d) are incorrect because, as per SOX Title III - Corporate
responsibility - Section 301, the audit committee is required to do the following:

- Is directly responsible for the appointment, compensation, and oversight of
the registered accounting firm.

- Must establish whistleblowing mechanisms and procedures within the issuer.

- Each audit committee member of the issuer must be independent.

3
BEC11382

Following the formation of a corporation, which of the following terms best
describes the process by which the promoter is released from, and the corporation
is made liable for, pre-incorporation contractual obligations?

Assignment

Novation

Delegation

Accord and satisfaction

The correct answer is (b).

Novation is an act of substitution of an original party to a contract with a new
party wherein the existing party is automatically discharged of his contractual
duties upon substitution. Thus, post formation of the corporation, releasing the
promoter from and making the corporation liable for, pre-corporation contractual
obligations is an act of novation.

Option (a) is incorrect because assignment is transfer of rights held by one party
(assignor) to another party (assignee). The original party continues to be liable
to the contract, until discharged.

Option (c) is incorrect because delegation is the assignment of responsibility or
authority to another person. However, the party who delegates responsibility
continues to be liable for performance of the contract.

Option (d) is incorrect because under accord and satisfaction, two contracting
parties agree to the terms of the contract and perform as per the terms set, thus
ensuring termination of the contract. Acceptance of alternate performance too, in
full satisfaction for an existing liability/ duty, also discharges each other from
the original contract.

4
BEC110405

A company implements an enterprise resource planning application to help improve
its financial and operational reporting, while gaining other efficiencies related
to sales and inventory management. For the implementation, the company hires an
individual specializing in preparing the company for the changes through
documenting new policies and procedures and developing new training. This is an
example of:

Change management.

A social event.

Segregation of duties.

An economic event.

The correct answer is (a).


The above sequence of events describes the implementation of a new ERP process to
improve an organization's financial and operational reporting while positively
affecting other areas such as sales and inventory management. The appointment of a
project manager who is specialized in bringing about the desired changes through
proper guidance, training and documentation is an example of change management.

Option (b) is incorrect because social events include planned events that involve
a large group of people.

Option (c) is incorrect because segregation of duties includes assigning different
people the responsibility for recording, authorizing and approving transactions and
handling related assets to achieve effective internal control.

Option (d) is incorrect because an economic event is the transfer of control of an
economic resource from one party to another party.

5
BEC118788

Which of the following is a characteristic of read-only rights in standing data
controls?

Standing data should be stored in a safe location with prescribed access rights to
authorized individuals who provide verification

Whenever changes are made to standing data they should be reviewed and approved by
appropriate personnel prior to implementation

Standing data, although not updated often, should be backed up on a periodic basis
to make sure no data is lost

Insert, update, and deletion rights should be designated to key personnel whose
activities are segregated from users of the data

The correct answer is (d).


In read-only rights, standing data should have read-only rights for the majority of
users; insert, update, and deletion rights should be designated to key personnel
whose activities are segregated from users of the data.

Option (a) is incorrect. It is the characteristic of access and authorization
control.

Option (b) is incorrect. It is the characteristic of change control.

Option (c) is incorrect. It is the characteristic of regular backups.

6
BEC31298

Serial pre-numbering of which of the following documents would ensure completeness
of sales?

I. Sales order.

II. Sales invoice.

III. Customer purchase order.

IV. Bill of lading.

II only.

I and II only.

I and III only.

All of above.

The correct answer is (b).


Serial pre-numbering of sales invoices would help identify if sales related to any
of the invoices have gone unrecorded. Also, serial pre-numbering of sales orders
would help identify that all of the customer purchase orders have been processed
and corresponding sales have been recorded. Thus, serial pre-numbering of both
sales orders and sales invoices would help ensure completeness of sales.

Customer purchase orders and bills of lading are third party documents. These
documents cannot be serially pre-numbered by the entity and would not help
ensure completeness of sales for the entity.

Options (a), (c) and (d) are incorrect based on the above explanation.

7
BEC11487

Assessing the severity of risk is part of the COSO ERM framework component:

Governance & culture

Review & Revision

Strategy and objective setting

Performance

The correct answer is (d).

Risk assessment is part of the Performance (Mnemonic: CRIME) component of the ERM
framework. The risk management principles of Performance are:

Identifies Risk
Assesses Severity of Risk
Prioritizes Risks
Implements Risk Responses
Develops Portfolio View

Options (a), (b) and (c) are incorrect based on the above information.

8
BEC113585

The use of technology can make monitoring component of internal control more
effective by:

Assuring that all components of internal controls are functioning.

Not needing separate evaluations.

Helping provide timely information on failure of controls.

Eliminating the need of supervisory reviews.

The correct answer is (c).


Use of technology for monitoring component of internal controls would help in
providing timely information on failure of controls and thus making monitoring more
effective.

Option (a) is incorrect because use of technology can help find instances of
failure of controls but not assure that all components of internal controls are
functioning.

Option (b) is incorrect because the monitoring component comprises separate and
ongoing evaluations. Use of technology would never mean that separate evaluations
would not be needed.

Option (d) is incorrect because use of technology for monitoring activities would
not mean that supervisory reviews can be eliminated altogether.

9
BEC11435

Identify the set of risk management principles of “Information, Communication, and
Reporting”

Formulates Business Objectives; Leverages Information and Technology; Communicates
Risk Information; Reports on Risk, Culture, and Performance

Leverages Information and Technology; Communicates Risk Information; Reports on
Risk, Culture, and Performance

Leverages Information and Technology; Communicates Risk Information; Develops
Portfolio View

Leverages Information and Technology; Communicates Risk Information; Develops
Portfolio View; Establishes Operating Structures

The correct answer is (b).

The set of risk management principles of “Information, Communication, and
Reporting” (Mnemonic: CRIME) are

Leverages Information and Technology: The organization leverages the entity’s
information and technology systems to support ERM.

Communicates Risk Information: The organization uses communication channels to
support ERM.

Reports on Risk, Culture, and Performance: The organization reports on risk,
culture, and performance at multiple levels and across the entity.

Option (a) is incorrect because “Formulates Business Objectives” is part of
Strategy & Objective Setting.

Option (c) is incorrect because “Develops Portfolio View” is part of Performance.

Option (d) is incorrect because “Develops Portfolio View” and “Establishes
Operating Structures” are part of Performance and Governance & Culture
respectively.

10
BEC112912

In order to properly segregate duties, which function within the computer
department should be responsible for reprocessing the errors detected during the
processing of data?

Department manager.

Systems analyst.

Computer programmer.

Data control group.

The correct answer is (d).

As per COSO, sound internal controls require proper segregation of duties which
includes assigning different people the responsibilities of authorizing
transactions, recording transactions, maintaining custody of assets and performing
comparisons.

In the case of data management, the responsibility of reprocessing the errors
detected during the processing of data should be done by the Data control group.
The Data Control Group does not perform the day to day recording and maintenance of
data. They are responsible for reviewing documents and source materials. They
review data to ensure completeness, accuracy and quality according to the standards
set. Therefore, it is appropriate that responsibility of reprocessing of errors is
with the data control group.

Option (a) is incorrect because the department manager may be responsible for
recording or authorization of data related transactions and therefore should not be
given the responsibility of reprocessing errors detected.

Option (b) is incorrect because the systems analyst may be responsible for
analyzing the data and performing comparisons. Therefore, he/she should not be
given the responsibility to reprocess errors detected.

Option (c) is incorrect because the computer programmer may be responsible for
writing and maintaining the software program and should not be given the
responsibility of reprocessing errors detected.

11
BEC11430

Which of the following set of risk management principles is part of “governance &
culture” of the revised ERM framework?

Exercises Board Risk Oversight; Formulates Business Objectives; and Reports on
Risk, Culture, and Performance

Exercises Board Risk Oversight; Formulates Business Objectives; Reports on Risk,
Culture, and Performance; and Defines Desired Culture

Exercises Board Risk Oversight; Establishes Operating Structures; Reports on Risk,
Culture; and Performance

Establishes Operating Structures; Demonstrates Commitment to Core Values; and
Attracts, Develops, and Retains Capable Individuals

The correct answer is (d).

The principles of governance & culture are:

Exercises Board Risk Oversight: The board of directors provides oversight of the
strategy and carries out governance responsibilities to support management in
achieving strategy and business objectives.

Establishes Operating Structures: The organization establishes operating structures
in the pursuit of strategy and business objectives.

Defines Desired Culture: The organization defines the desired behaviors that
characterize the entity’s desired culture.

Demonstrates Commitment to Core Values: The organization demonstrates a commitment
to the entity’s core values; also, embraces a risk-aware culture, enforces
accountability, and keeps communication open (and free from retribution).

Attracts, Develops, and Retains Capable Individuals: The organization is committed
to building human capital in alignment with the strategy and business objectives.

Under COSO’s ERM Framework, ERM consists of five components (Mnemonic: CRIME):
Governance & Culture; Strategy & Objective-setting; Performance; Review and
Revision; and Information, Communication & Reporting.

Options (a), (b) and (c) are incorrect because they have Reports on Risk, Culture,
and Performance which is part of Information, Communication & Reporting and does
not include all the five principles of Governance & culture.

12
BEC113126

Which of the following statements is correct regarding the requirements of the
Sarbanes-Oxley Act of 2002 for an issuer's board of directors?

Each member of the board of directors must be independent from management
influence, based on the member's prior and current activities, economic and family
relationships, and other factors.

The board of directors must have an audit committee entirely composed of members
who are independent from management influence.

The majority of members of the board of directors must be independent from
management influence.

The board of directors must have a compensation committee, a nominating committee,
and an audit committee, each of which is entirely composed of independent members.

The correct answer is (b).


Mandated by the Sarbanes-Oxley Act (SOX), the board of directors must have an
audit committee entirely composed of members who are independent from management
influence. As per SOX Title III, 301, an independent audit committee is responsible
for appointment, compensation and oversight of any audit work performed by the
audit firm.

Option (a) is incorrect because the Sarbanes-Oxley Act (SOX) does not mandate each
member of the board of directors be independent. Board of Directors is a group of
individuals that are elected as, or elected to act as, representatives of the
stockholders to establish corporate management related policies and to make
decisions on major company issues. Every public company must have a board of
directors. Ideally the board of directors should be a representation of both
management and shareholders' interests by consisting of both inside members and
independent or outside members.

Independent or outside members are not part of management and have no significant
benefit from the corporation other than compensation as board member. (Officers,
employees or major stockholders who are on the board are referred to as ‘inside
directors’.)

Option (c) is incorrect because, although the majority of members of the board of
directors must be independent from management influence, it is not mandated by
the Sarbanes-Oxley Act (SOX).

Option (d) is incorrect because, though the board of directors must have a
compensation committee, a nominating committee, and an audit committee, the
nominating committee or corporate governance committee need not be entirely
composed of independent members. Only Audit committee and compensation committee
should be independent.

13
BEC11472

Risk capacity is the:

maximum amount of risk an entity is able to hedge in the pursuit of strategy and
business objectives.

minimum amount of risk an entity is able to hedge in the pursuit of strategy and
business objectives.

maximum amount of risk an entity is able to absorb in the pursuit of strategy and
business objectives.

minimum amount of risk an entity is able to absorb in the pursuit of strategy and
business objectives.

The correct answer is (c).


Risk capacity is the maximum amount of risk an entity is able to absorb in the
pursuit of strategy and business objectives. If an entity's risk appetite is very
high, but its
risk capacity is not large enough to withstand the potential impact of the related
risks, the entity could fail. On the other hand, if the entity’s risk capacity
significantly exceeds its risk appetite, the organization may lose opportunities to
add value for its stakeholders. Risk appetite provides guidance on the practices an
organization is encouraged to pursue or not pursue. It sets the range of
appropriate practices and guides risk-based decisions rather than specifying a
limit. It refers to the types and amount of risk, on a broad level, an organization
is willing to accept in pursuit of value.

Options (a) and (b) are incorrect because risk capacity is not the measure of a firm’s
ability to hedge.

Option (d) is incorrect because it is the maximum (not minimum) amount of risk an
entity is able to absorb.

14
BEC113581

Which of the following types of controls would not come under existing control
activities component of internal controls?

Advance approval of vendors.

Periodic evaluation and testing of controls by internal audit.

Periodic comparing of actual costs to budget.

Unused checks are kept in a locker.

The correct answer is (b).


Periodic evaluation and testing of controls by internal audit is a part of the
monitoring component of internal controls, which is primarily on an overall basis
and is separate from existing control activities. Existing control activities are
the policies and procedures designed to mitigate individual risks to the
achievement of objectives. Thus, periodic evaluation and testing of controls by
internal audit is not a part of existing control activities.

Options (a), (c) and (d) are incorrect because advance approval of vendors,
periodic comparing of actual costs to budget and unused checks being kept in a
locker are all examples of existing control activities which are designed to
mitigate individual risks to the achievement of objectives.

15
BEC113122

According to COSO, a primary purpose of monitoring internal control is to verify
that the internal control system remains adequate to address changes in

Risks.

The law.

Technology.

Operating procedures

The correct answer is (a).


According to COSO (Committee of Sponsoring Organizations of the Treadway
Commission), internal control is a process, effected by an entity’s board of
directors, management and other personnel, designed to provide reasonable assurance
regarding the achievement of objectives in the following categories:
• Accuracy and reliability of financial reporting
• Compliance with applicable laws and regulations
• Effectiveness and efficiency of operations
An organization achieves its objectives through effective monitoring of internal
control. One of the primary objectives of monitoring (Mnemonic: CRIME) is to
evaluate (1) whether management reconsiders the design of controls when risks
change, and (2) whether controls that have been designed to reduce risks to an
acceptable level continue to operate effectively.

Apart from monitoring, organizations meet their objectives through other
components such as control environment, risk assessment, control activities and
information and communications (Mnemonic: CRIME).

Options (b), (c) and (d) are incorrect because internal control monitors the changes
in law, technology and operating procedures through monitoring of risk.

16
BEC310123

Which of the following describes a weakness in accounts payable procedures?

The accounts payable system compares the receiving report to the vendor invoice.

The accounts payable manager issues purchase orders.

The accounts payable clerk manually verifies arithmetic on the vendor invoice.

The accounts payable clerk files invoices and supporting documentation after
payment.

The correct answer is (b).


It is the duty of the purchasing department to place a purchase order. When the
accounts payable manager issues a purchase order, it leads to a weakness in internal
controls.

Option (a) is incorrect because it is the duty of the accounts payable department to
compare the vendor invoice and purchase order receiving report. This does not
constitute a weakness in internal control.

Option (c) is incorrect because verification of mathematical errors in the vendor's
invoice exhibits good controls and helps in avoiding approval of incorrect amounts.

Option (d) is incorrect because it is the duty of accounts payable department clerk
to file invoices and shipping documents after payment. This also helps in
preventing duplicate payments for the same purchase invoice.

17
BEC11500

Residual risk will always exist because

there will always be an inverse correlation between risk and the level of business
activities.

resources are unlimited.

of future uncertainty and limitations inherent in all tasks.

the risk curve will not shift in response to change.

The correct answer is (c).

The risk response may change the risk profile. Once management selects a risk
response, control activities are necessary to ensure that those risk responses are
carried out as intended. Management must recognize that risk is managed but not
eliminated. Some residual risk will always exist, not only because resources are
limited, but because of future uncertainty and limitations inherent in all tasks.

Option (a) is incorrect because the correlation between risk and the level of
business activities can be either inverse or direct. Moreover, residual risk is not
a function of the correlation between risk and the level of business activities,
but the level of business activities.

Option (b) is incorrect because resources are not unlimited.

Option (d) is incorrect because the risk curve is not stationary, and it may shift
up or down in response to a change.

18
BEC116160

Which of the following documents would most likely contain specific rules for the
management of a business corporation?

Articles of incorporation.

Bylaws.

Certificate of authority.

Shareholders' agreement.

The correct answer is (b).


Bylaws are written rules that control the internal affairs of an organization.
Bylaws define roles and responsibilities of its officers, office assignments and
conduct of meetings. Bylaws serve as the legal guidelines of the organization.

Option (a) is incorrect because the articles of incorporation document the
formation of a company. The articles include important information such as the
proposed name, purpose, powers of the corporation, the name and address of each
incorporator and the number and type of authorized shares.

Option (c) is incorrect because a certificate of authority qualifies a business to
operate legally in a state.

Option (d) is incorrect because a shareholders' agreement is an agreement amongst the
shareholders of a company and describes the rights and obligations of the company
to its existing shareholders and new investors. The terms may include the rights of
investors to information, restrictions on the transfer of shares and rights of
first refusal.

19
BEC113563

Which of the following statements is correct concerning the most effective external
corporate monitoring device?

External auditors are the most effective external corporate monitoring device
because they audit the corporation’s financial statements in accordance with
prescribed standards.

Internal auditors are the most effective external corporate monitoring device
because they communicate directly with the audit committee.

Attorneys provide legal advice to the management and are the most effective
external corporate monitoring device.

Board of directors is the most effective external monitoring device because they
are elected by the shareholders.

The correct answer is (a).

External auditors are the most effective external corporate monitoring device
because they are the external independent party that audits the corporation’s
financial statements in accordance with prescribed standards and communicates to
the audit committee information that will help the committee perform its oversight
function.

Options (b) and (d) are incorrect because internal auditors and board of directors
are internal corporate monitoring devices.

Option (c) is incorrect because attorneys only provide legal advice to the
management and are not as effective as external auditors.

20
BEC11508

Who establishes the direct oversight of enterprise risk management?

Audit committee

Compensation committee

Risk committee

Nomination/governance committee

The correct answer is (c).


Risk committee establishes the direct oversight of enterprise risk management. The
focus of the risk committee is entity-wide risk in non-financial areas that go
beyond the authority of the audit committee and its available resources (e.g.,
operational, obligations, credit, market, technology).

Option (a) is incorrect because audit committee establishes the importance of risk
oversight.

Option (b) is incorrect because compensation committee establishes and oversees the
compensation arrangements for the chief executive officer and other executives, as
appropriate, to motivate without providing incentives for undue risk taking.

Option (d) is incorrect because nomination/governance committee provides input to
and oversight of the selection of candidates for directors and management.

21
BEC11440

Which of the following is expected of the board of directors based on their skills,
experience and knowledge?

The board providing expert legal advice in avoiding customer and competitive
litigation

The board challenging management when necessary about strategy, business
objectives, and performance targets

The board interfering in daily business operations of the firm to improve the
business processes and operations

The board helping the treasury team to manage the earnings

The correct answer is (b).

The board of directors is well positioned to offer expertise and provide oversight
of enterprise risk management through its collective skills, experience, and
business knowledge. This includes, for instance, asking the appropriate questions
to challenge management when necessary about strategy, business objectives, and
performance targets. It also includes interacting with stakeholders and presenting
alternative views and actions.

Option (a) is incorrect because providing legal advice is the responsibility of the
corporate legal department.

Option (c) is incorrect because the board should refrain from interfering in the
day-to-day business and it is the responsibility of the management.

Option (d) is incorrect because it is the responsibility of the financial reporting
team to deal with the earnings.

22
BEC112994

Which of the statements is true regarding rights of a shareholder of a corporation?

Shareholders have no right to manage their company unless they are also directors

Shareholders have right to receive dividends

Shareholders have no right to inspect the books of accounts of the corporation

Shareholders have a right to use the customer mailing list of the corporation.

The correct answer is (a).

Shareholders are investors who purchase corporate stock and enjoy a number of
rights pertaining to their ownership. The rights of the shareholders depend largely
on the provisions in the corporation's charter and bylaws. The most important
rights that most common shareholders possess include the right to share in the
company's profitability, income and assets, right to vote on certain matters
involving fundamental changes affecting the corporation, right to receive dividends
(if declared), right to inspect books and records and right to elect the board of
directors. However, the shareholders have no right to participate in the management
of the company's business and its affairs unless they are directors of the company.

Option (b) is incorrect because shareholders have the right to receive dividends,
only if the board of directors declares dividends. In the event that no dividends
are declared by the board, shareholders cannot claim them as a right.

Option (c) is incorrect because shareholders have the right to inspect the books
and records of the corporation in good faith and for a proper use.

Option (d) is incorrect because shareholders do not have the right to use the
customer mailing list of the corporation, as they are not involved in the
management and day to day operations of the corporation.

23
BEC113593

When an enterprise takes an action that accepts increased risk to achieve improved
performance, it can be said that the enterprise is:

Avoiding the risk.

Pursuing the risk.

Accepting the risk.

Transferring the risk.

The correct answer is (b).


When an enterprise takes an action to improve performance that involves increased
risk and the enterprise accepts the increased risk that comes with the increased
performance, it can be said that the enterprise is pursuing the risk.

Option (a) is incorrect because an enterprise can be said to be avoiding the risk
when some action is taken to remove the risk.

Option (c) is incorrect because an enterprise is said to be accepting the risk when
no action is taken to change the severity of the risk because the risk is within
the risk appetite of the enterprise.

Option (d) is incorrect because an enterprise is said to be transferring the risk
when action is taken to reduce the severity of the risk by transferring or
otherwise sharing a portion of the risk.

24
BEC113125

According to COSO, the presence of a written code of conduct provides for a control
environment that can

Override an entity's history and culture.

Encourage teamwork in the pursuit of an entity's objectives.

Ensure that competent evaluators are implementing and monitoring internal controls.

Verify that information systems are providing persuasive evidence of the
effectiveness of internal controls.

The correct answer is (b).

A written code of conduct for employees sets the ethical expectations of the
management. This, reinforced by training, top-down communications, and requirements
for periodic written statements of compliance from key employees, is an important
component of the ethical values, which in turn are a component of the control
environment of the entity's internal control. The other components of the control
environment are competent individuals, organizational structure, performance
incentives, those charged with governance and responsibility assignment.

Option (a) is incorrect because a written code of conduct for the control
environment will not override the organization's history and culture but will make
it more pronounced and noticeable.

Option (c) is incorrect because a written code of conduct for the control
environment cannot ensure the implementing and monitoring of internal control by a
competent evaluator.

Option (d) is incorrect because a written code of conduct for a control
environment cannot verify that information systems are providing persuasive
evidence of the effectiveness of internal controls.

25
BEC113597

“Heat map” is a technique used to:

Implement responses to risks.

Prioritize risks.

Identify risks.

Assess severity of risk.

The correct answer is (d).


A “heat map” is a technique used to highlight the relative severity of the assessed
risk by using a likelihood / impact matrix. The various combinations of likelihood
and impact (severity measures), given the risk appetite, are color coded to reflect
a particular level of severity (i.e., the darker the shade, the higher the severity
of risk).

Options (a), (b) and (c) are incorrect based on the above explanation.

26
BEC11436

The principle “Reports on Risk, Culture, and Performance” is part of the ERM
component:

Review and Revision

Performance

Information, Communication, and Reporting

Governance and Culture

The correct answer is (c).

Under COSO’s ERM Framework, ERM consists of five components (Mnemonic: CRIME):
Governance & Culture; Strategy & Objective-setting; Performance; Review and
Revision; and Information, Communication & Reporting. The principle “Reports on
Risk, Culture, and Performance” is part of “Information, Communication, and
Reporting”. The organization reports on risk, culture, and performance at multiple
levels and across the entity.

Option (a) is incorrect because Review and Revision includes: 1. Assesses
Substantial Change 2. Reviews Risk and Performance 3. Pursues Improvement in ERM

Option (b) is incorrect because Performance includes: 1. Identifies Risk 2.
Assesses Severity of Risk 3. Prioritizes Risks 4. Implements Risk Responses 5.
Develops Portfolio View

Option (d) is incorrect because Governance and Culture includes: 1. Exercises
Board Risk Oversight 2. Establishes Operating Structures 3. Defines Desired Culture
4. Demonstrates Commitment to Core Values 5. Attracts, Develops, and Retains
Capable Individuals

27
BEC113595

Which of the following examples depicts that an enterprise is “transferring” the
risk?

Ceasing a high risk product line.

Adding new high risk product lines in anticipation of high returns.

Adding an indemnity clause in a contract.

Adopting aggressive growth strategies which have a high likelihood of improving the
profitability of the business unit.

The correct answer is (c).


Transferring the risk means some action is taken to reduce the severity of the risk
by transferring the risk to a third party. An indemnity clause is a contractual
provision in which one party agrees to answer for any liability or harm that the
other party might incur. Adding an indemnity clause would mean that the enterprise
is transferring the risk to a third party in case of any liability.

Option (a) is incorrect because ceasing a high risk product line altogether is an
example of risk avoidance.

Option (b) is incorrect because adding a new product line which is known to be high
risk along with a possibility of generating high returns is an example of risk
pursuing.

Option (d) is incorrect because adopting aggressive growth strategies which have a
high likelihood of improving the profitability of the business unit is an example
of risk pursuing.

28
BEC113000

The Dodd-Frank Wall Street Reform and Consumer Protection Act was established to
promote financial stability by improving accountability and transparency in the
financial system and to protect consumers from abusive financial services
practices. Which of the following is not a requirement of the Dodd-Frank Act?

Disclosure is required of the reasons why the company has chosen to have one person
serve as Chairman and CEO, or to have different individuals serve in those roles.

Compensation committee members must be independent.

Companies must include a resolution in their proxy statements asking shareholders
to approve the compensation of their named executive officers, in a non-binding
vote.

All members of audit committee should be finance experts.


The correct answer is (d).

The Dodd-Frank Act is a US federal law that places regulation of the financial
industry in the hands of the government. It aims to create new financial regulatory
processes that enforce transparency and accountability while implementing rules for
consumer protection.

The Dodd-Frank Wall Street Reform and Consumer Protection Act (2010) mandates, for
all public companies (issuers), that the compensation committee consist entirely of
independent directors.

SOX (2002) requires, for all public companies (issuers), that the audit committee
consist only of independent directors. SOX also requires disclosure of whether at
least one of the members is a ‘Financial Expert’.

Option (a) is incorrect because the Dodd-Frank Act requires public corporations to
disclose why the chairman of the board is or is not also the CEO.

Option (b) is incorrect because the Act requires all members of the
compensation committee of public companies to be independent.

Option (c) is incorrect because the Act does require that shareholders be
allowed a non-binding vote on executive compensation at least every 3 years and a
vote at least every 6 years as to whether the vote on compensation should be held
more often.

29
BEC113584

Which of the following is not a principle of components of COSO framework of
internal controls?

Formulating business objectives.

Assessing fraud risk.

Conduct evaluations.

Developing general controls over technology.

The correct answer is (a).


Formulating business objectives is not a principle of the components of the COSO
framework of internal controls. It is one of the principles of the COSO framework
of enterprise risk management (ERM). This falls under enterprise strategy and
objective setting.

Option (b) is incorrect because assessing fraud risk is a principle of the risk
assessment component of the COSO framework of internal controls.

Option (c) is incorrect because conducting evaluations is a principle of the
monitoring component of the COSO framework of internal controls.

Option (d) is incorrect because developing general controls over technology is a
principle of the existing control activities component of the COSO framework of
internal controls.

30
BEC111774

Smith was an officer of CCC Corp. As an officer, the business judgment rule applied
to Smith in which of the following ways?

Since the business judgment rule specifically covers only directors, this rule
cannot be applied to Smith who is an officer of the company.

If Smith makes, in good faith, a serious but honest mistake in judgment, Smith is
generally not liable to CCC for damages caused.

If Smith makes, in good faith, a serious but honest mistake in judgment, Smith is
generally liable to CCC for damages caused, but CCC may elect to reimburse Smith
for any damages Smith paid.

If Smith makes, in good faith, a serious but honest mistake in judgment, Smith is
generally liable to CCC for damages caused, and CCC is prohibited from reimbursing
Smith for any damages Smith paid.

The correct answer is (a).


The business judgment rule is a concept derived from case law that provides that a
corporate director may not be held liable for errors in judgment provided the
director acted in good faith, with loyalty and due care. While the rule
mentions only directors, it is a grey area whether this rule may apply to officers
as well. However, there is little case law precedent where this rule has been
applied to officers, and officers are also considered to be similar to agents in
some situations. Based on the same, we conclude that this rule cannot be applied to
officers of a corporation.

Options (b), (c) and (d) are incorrect because of the above explanation.

31
BEC118792

Which of the following is not a benefit of automating business processes?

improved quality

reduced TAT

reduced operating profit

improved operational efficiency

The correct answer is (c).


Business process automation is the use of technology to execute recurring tasks or
processes in a business where manual effort can be replaced. It increases
efficiency and streamlines processes, thereby improving operational efficiency,
reducing turnaround time and improving quality. It is done to minimize costs and
increase operating profit.

Based on the above explanation, options (a), (b) and (d) are incorrect as all these
are benefits of automating business processes.

32
BEC113559

Which of the following is a New York Stock Exchange (NYSE) rule related to
corporate governance?

Make directors' independence information publicly available.

Code of conduct applicable to all directors, officers and employees to be made
available to the respective directors, officers and employees only.

Having non-management directors meet at regularly scheduled executive sessions.

All directors on the board to be independent.

The correct answer is (c).


The New York Stock Exchange (NYSE) rules related to corporate governance include a
rule which states that all non-management directors are to meet at regularly
scheduled executive sessions without management.

Option (a) is incorrect because the NYSE corporate governance rule states that the
directors' independence information is to be provided to investors (not the public).

Option (b) is incorrect because the NYSE corporate governance rule states that the
code of conduct applicable to all directors, officers and employees is to be made
publicly available and not just to the respective employees and directors.

Option (d) is incorrect because the NYSE corporate governance rule states that a
majority (not all) of the directors on the board should be independent.

33
BEC118773

According to COSO, which of the following issues should lead to the greatest
concern regarding the effectiveness of an entity's internal control?

Monitoring internal control in areas that have never had a control failure

Errors from control failures that were not detected timely by the routine
monitoring procedures

Unwarranted duplication of efforts when multiple people monitor the same control

Additional evaluations solely to meet regulatory requirements when elements of
other procedures would be sufficient

The correct answer is (b).

Continuous monitoring enables management to continuously review and assess business
processes and policies for adherence to and deviations from their intended levels
of performance and effectiveness. Deficiencies not detected via ongoing and/or
separate evaluations are of greater concern, since they would not have been
communicated in a timely manner to the parties responsible for taking corrective
action, including senior management and the board of directors, as appropriate.

Option (a) is incorrect because monitoring areas that have never had a control
failure would not be as much of a concern as option (b). It will be presumed that
things are working as per control standards. Also, discrepancies, if any, are being
acted upon.

Option (c) is incorrect because duplication of efforts when multiple people
monitor the same control is a repetition of work. This is more of an
inefficiency, as it results in a loss of time and efficiency, than a concern
regarding the effectiveness of an entity’s internal control.

Option (d) is incorrect because evaluations solely to meet regulatory requirements
are a part of monitoring and help in identifying whether internal control is present
and functioning. Findings are evaluated against criteria established by regulators
and recognized standard-setting bodies, and the deficiencies are communicated to
management and the board of directors as appropriate.

34
BEC113578

Which of the following statements is not correct concerning monitoring activities
as a part of COSO internal control framework?

Provides valuable support of assertions regarding the effectiveness of the system
of internal control.

Includes monitoring corrective actions taken by the management.

Evaluations must be carried out by someone who is competent and objective.

Responds appropriately to a specific risk.


The correct answer is (d).

A control activity (not monitoring activity) responds to a specific risk. A
monitoring activity assesses whether controls within each of the components of
internal control are operating as intended.

Option (a) is incorrect because monitoring activity ensures that the controls are
operating as intended and thus would provide valuable support of assertions
regarding the effectiveness of the system of internal control.

Option (b) is incorrect because monitoring activities should include monitoring of
corrective actions taken by the responsible parties when control deficiencies are
identified as a part of monitoring activity.

Option (c) is incorrect because evaluators who monitor controls within the
organization should be both competent and objective.

35
BEC112919

If a corporation may be violating federal and state laws governing environmental
concerns, which one of the following types of audit will best assist in
ascertaining whether such situations may exist?

Operational audit.

Compliance Audit.

Financial audit.

Management Audit.

The correct answer is (b).

A compliance audit is a comprehensive review of a corporation's adherence to
regulatory guidelines. The Environment Protection Authority (EPA) uses compliance
audits as a tool to assess compliance with legislative requirements and to review
best environmental management practices to encourage improved environmental
performance.

Option (a) is incorrect because an operational audit is a systematic review of the
effectiveness, efficiency and economy of operations. It does not review the
compliance of federal and state laws governing environmental concerns.

Option (c) is incorrect because a financial audit is an evaluation of the
corporation's financial reports and processes to provide reasonable assurance that
the financial statements are accurate and complete.

Option (d) is incorrect because a management audit is the assessment of methods and
policies of an organization's management in the administration and use of
resources, tactical and strategic planning and employee and organizational
improvement.

36
BEC110342

Each of the following statements is correct regarding the existence and
implementation of codes of conduct, except:

Employees understand what behavior is acceptable or unacceptable and know what to
do if they encounter improper behavior.

The codes of conduct are comprehensive, addressing conflicts of interest, illegal
or other improper payments, anticompetitive guidelines, and insider trading.

The codes of conduct are periodically acknowledged by all employees.

The codes of conduct must be in writing and displayed in public areas, such as a
break room.

The correct answer is (d).


Codes of conduct must be comprehensive, communicated to all employees and
periodically acknowledged by employees. The codes may contain standards for ethical
behavior, remedial steps when unethical behavior such as improper payments or
unhealthy competition is encountered, and remedies for conflict of interest.
However, there is no requirement that the codes of conduct be displayed in public
areas, such as a break room.

Options (a), (b) and (c) are incorrect because of the above explanation.

37
BEC314110

Proper authorization of write-offs of uncollectible accounts should be approved in
which of the following departments?

Accounts receivable.

Credit.

Accounts payable.

Treasurer.

The correct answer is (d).

Write-offs of uncollectible accounts are initiated by the credit department but are
approved by the treasurer only. The treasurer has the ultimate responsibility for
cash and consequently the authority to write off accounts receivable.

Option (a) is incorrect because the accounts receivable department is responsible
for the recording function and should not be in charge of the authorization for
writing off accounts receivable (Mnemonic: A/R/C/C's).

Option (b) is incorrect because the credit department usually initiates the
write-off of the accounts receivable and, since they are granting credit, they would
not be allowed to authorize the write-off. It is ultimately approved by the
treasurer.

Option (c) is incorrect because the accounts payable department is also a recording
department and cannot be responsible for the authorization function (Mnemonic:
A/R/C/C's).

38
BEC112664

Pursuant to the Sarbanes-Oxley Act of 2002, an accountant who destroys documents to
impede an investigation by a U.S. agency can be

Suspended or barred from being associated with a registered public accounting firm
or be required to end such association.

Temporarily or permanently limited on the activities, functions or operations
conducted on behalf of a registered public accounting firm.

Fined and / or imprisoned not more than 20 years.

Fined and / or imprisoned not more than 10 years.

The correct answer is (c).

Section 802 of the Sarbanes-Oxley Act of 2002 prohibits a person from knowingly
destroying, mutilating or concealing records or documents to impede or influence
the investigation of any department or agency of the United States. The penalty is
a fine or imprisonment for not more than 20 years or both. This section also
imposes penalties of fines and / or imprisonment up to 10 years on any accountant
who knowingly and wilfully violates the requirements of maintenance of all audit or
review papers for a period of 5 years.

Options (a), (b) and (d) are incorrect based on the above explanation.

39
BEC112995

The board of directors of a corporation does not have the power to:

Select or remove chief executive officer

Declare dividends

Decide management compensation

Amend articles of incorporation

The correct answer is (d).

The Articles of Incorporation are legal documents filed with a government body to
officially document the creation of a corporation. They contain important
information like the name of the corporation, its address, purpose and powers of the
corporation, number of authorized shares etc. The Articles of Incorporation can be
amended only by the approval of shareholders and not by the board of directors.

Option (a) is incorrect because the board of directors has the power to select or
remove the chief executive officer.

Option (b) is incorrect because the board of directors is charged with the general
operations of running the corporation on behalf of the shareholders. It is
entrusted with the responsibility of declaring and paying dividends.

Option (c) is incorrect because the board of directors is responsible not only for
hiring top management but also for determining their compensation.

40
BEC110275

According to COSO, the use of ongoing and separate evaluations to identify and
address changes in internal control effectiveness can best be accomplished in which
of the following stages of the monitoring-for-change continuum?

Control baseline.

Change identification.

Change management.

Control revalidation/update.

The correct answer is (b).


Monitoring is a process of continuously checking the system and is done in
different stages. Change identification is the second stage of monitoring where
ongoing and separate evaluations are conducted by management to find out whether
the components of internal control continue to function from time to time and any
deficiencies are identified and communicated in a timely manner.

Option (a) is incorrect because control baseline is stage one in the monitoring
process, which helps in understanding internal controls.

Option (c) is incorrect because change management is the third stage where
management evaluates the changes identified in stage two and establishes a new
baseline.

Option (d) is incorrect because control revalidation/update is the last stage where
management periodically revalidates/updates the controls when no known changes
have occurred.

41
BEC113594

As per COSO framework on ERM, if a risk is within the risk appetite of an
enterprise, an enterprise would:

Avoid the risk.

Reduce the risk.

Accept the risk.

Transfer the risk.

The correct answer is (c).


If the risk is already within the risk appetite of the enterprise, an enterprise
would accept the risk and take no action to change the severity of risk.

Options (a), (b) and (d) are incorrect because if the risk is within the risk
appetite of the enterprise, an enterprise would not avoid, reduce or transfer the
risk.

42
BEC110401

According to COSO, the position or internal entity that is best suited, as part of
the enterprise risk management process, to devise and execute risk procedures for a
particular department is:

The internal audit department.


The chief executive officer.

A manager within the department.

The audit committee.

The correct answer is (c).


A manager within a department is the most suitable person to devise and execute
risk procedures for that department as he or she is personally involved in the
operations of the department.

Option (a) is incorrect because the internal audit department may be involved in
devising the risk related procedures but not in the execution.

Option (b) is incorrect because the CEO is only involved in assessing the risk
management abilities of an organization as a whole; not at the individual
department level.

Option (d) is incorrect because the audit committee is an independent committee and
has no involvement with the execution of the enterprise risk management process.

43
BEC113560

Which of the following is considered an external monitoring device for a
corporation?

I. Investment banks.

II. Attorneys.

III. Internal revenue service (IRS).

IV. Creditors.

I, II and IV only.

III and IV only.

I and II only.

All of above.

The correct answer is (d).


All of the above are considered an external corporate monitoring device based on
the following:

Investment banks: They help corporations issue equity and debt offerings. They must
evaluate the company prior to becoming involved in selling the securities and are
considered an external corporate monitoring device.

Attorneys: They review securities filings and provide management advice on legal
matters and are considered an external corporate monitoring device.

Internal revenue service (IRS): By requiring certain information on a corporation's
income tax return, auditing corporate tax returns and enforcing penalties for
filing false tax returns, the IRS acts as an external corporate monitoring device.

Creditors: Many debt agreements contain covenants that must be complied with to
prevent the creditor from taking action. Creditors therefore monitor the
corporation's compliance with such agreements and are considered an external
corporate monitoring device.

Options (a), (b) and (c) are incorrect based on the above explanation.

44
BEC110362

Which of the following classifications of security controls includes smoke
detectors, generators, security guards, and ID badges?

Technical.

Physical.

Administrative.

Logical.

The correct answer is (b).


Security controls are part of the internal control system that can be technology
driven, administrative, or manual. Smoke detectors, generators, security guards and
ID badges are all examples of manual or physical controls.

Option (a) is incorrect because technical indicates information technology controls
that are either general controls or application controls.

Option (c) is incorrect because administrative control involves segregation of
duties among employees.

Option (d) is incorrect because logical controls are embedded in technical,
physical as well as administrative controls.

45
BEC113558

Which of the following rules helps to guard a corporation's board of directors from
frivolous allegations about the way it conducts business?

Limited liability rule.

Prudency rule.

Integrity rule.

Business judgment rule.

The correct answer is (d).


The business judgment rule prevents directors from being held liable for making bad
decisions if they acted in good faith, loyalty and due care and thus helps them
guard against frivolous allegations and liabilities. This rule will apply provided
there is no self-dealing or other breach of the duty of loyalty on the part of the
director.

Options (a), (b) and (c) are incorrect because no such rules exist to guard the
corporation’s board of directors.

46
BEC112991

Shareholder rights do not include:

Right to dividend if declared

Right to sue on behalf of the corporation if the directors fail to do their duty
towards the corporation

Right to inspect books of accounts of the corporation

Right to determine the mission of the organization

The correct answer is (d).

Shareholders are investors who purchase corporate stock and enjoy a number of
rights pertaining to their ownership. The rights of the shareholders depend largely
on the provisions in the corporation's charter and bylaws. The most important
rights that most common shareholders possess include the right to share in the
company's profitability, income and assets, general voting rights and a degree of
control and influence over company management selection. Shareholders have no right
to participate in the management of a company's business and its affairs, therefore
they do not have the right to determine the mission of the organization. The
mission of the organization is determined by the board of directors.

Option (a) is incorrect because as owners of the company the shareholders have the
right to the dividend declared and division of profits based on the number of
shares owned by them.

Option (b) is incorrect because shareholders have the right to bring suit against
the corporation for wrongful acts by the directors and officers of the corporation.

Option (c) is incorrect because shareholders are owners of the company and have the
right to inspect the records and books of the corporation.

47
BEC114030

According to the Sarbanes-Oxley Act of 2002, the audit committee of an issuer is
responsible for each of the following activities, except

Evaluating and reporting on the effectiveness of the company's internal control
over financial reporting.

Preapproving all audit and non-audit services provided by the company's auditor

Establishing procedures for the receipt, retention, and treatment of complaints
received by the company regarding accounting, internal control, and auditing
matters.

The appointment, compensation, and oversight of the work of the registered public
accounting firm employed by the company.

The correct answer is (a).

As per SOX Title III (Corporate responsibility), section 302, the officers (including
CEO/CFO) are responsible for certifying that they acknowledge their responsibility
for establishing and maintaining ICFR.

Also, the officers are required to evaluate the effectiveness of ICFR, present
their conclusion as to effectiveness and disclose any material changes in the
Company's ICFR.

The audit committee is required to be independent, which means that a member of the
audit committee may not accept any consulting, advisory, or other compensatory fees
from the Company (other than board or committee fees) or be affiliated with the
Company.

In line with Section 404 of Title IV, the auditor is only required to attest to
management's assessment of the effectiveness of internal control over financial
reporting.

Options (b), (c) and (d) are responsibilities that the audit committee is required
to fulfil as per SOX.

48
BEC11457

As per the COSO ERM framework, after an organization establishes operating
structures in the pursuit of strategy and business objectives, it should:

define the desired behaviors that characterize the entity’s desired culture.

demonstrate a commitment to the entity’s core values.

evaluate alternative strategies and potential impact on risk profile.


consider risk while establishing the business objectives at various levels that
align and support strategy.

The correct answer is (a).

Under COSO’s ERM Framework, ERM consists of five components (Mnemonic: CRIME):
Governance & Culture; Strategy & Objective-setting; Performance; Review and
Revision; and Information, Communication & Reporting. After the board exercises
risk oversight and management establishes operating structures, as per the
'Governance and Culture' component, the organization should define the desired
behaviors that characterize the entity's desired culture.

Option (b) is incorrect as it is the logical step after the definition of the entity's
desired culture in the Governance and Culture component.

Options (c) and (d) are incorrect because they are part of the Enterprise Strategy
& Objective setting component.

(Based on 2017 COSO ERM Framework)

49
BEC118785

The production schedule is a document:

that details the allocation of resources and time needed to manufacture each
product in a specified quantity during a provided time period.

specifying all of the components and quantities required to manufacture a product

that explains in detail the specific steps and sequence of those steps needed to
accurately manufacture a product

issued within a company to authorize the manufacture of a specified quantity of a
given product during a provided time period

The correct answer is (a).


Production schedule details the allocation of resources and time needed to
manufacture each product in a specified quantity during a provided time period.

Option (b) is incorrect. Bill of materials is a detailed document specifying all of
the components and quantities required to manufacture a product.

Option (c) is incorrect. Production instructions is the document that explains in
detail the specific steps and sequence of those steps needed to accurately
manufacture a product.

Option (d) is incorrect. Production order is a document issued within a company to
authorize the manufacture of a specified quantity of a given product during a
provided time period.

50
BEC11431

Select the set of risk management principles of “Risk & Performance” of the updated
ERM framework.

Identifies Risk; Assesses Severity of Risk; Prioritizes Risks; Implements Risk
Responses; Develops Portfolio View

Defines Risk Appetite; Assesses Severity of Risk; Prioritizes Risks; Implements
Risk Responses; Develops Portfolio View; Reports on Risk, Culture, and Performance

Defines Risk Appetite; Assesses Severity of Risk; Sets Risk-Return trade-off;
Implements Risk Responses; Develops Portfolio View; Reports on Risk, Culture, and
Performance

Identifies Risk; Assesses Severity of Risk; Sets Risk-Return trade-off; Implements
Risk Responses; Develops Portfolio View; Reports on Risk, Culture, and Performance

The correct answer is (a).

The risk management principles of “Performance” are:

Identifies Risk

Assesses Severity of Risk

Prioritizes Risks

Implements Risk Responses

Develops Portfolio View

Under COSO’s ERM Framework, ERM consists of five components (Mnemonic: CRIME):
Governance & Culture; Strategy & Objective-setting; Performance; Review and
Revision; and Information, Communication & Reporting.

Options (b) and (c) are incorrect because they include Reports on Risk, Culture, and
Performance, which is part of Information, Communication & Reporting, and do not
include all five principles of Performance. Option (c) is also incorrect
because Setting Risk-Return trade-off is not part of the ERM framework.

Option (d) is incorrect because it does not include all five principles of
Performance. Setting Risk-Return trade-off is not part of the ERM framework.
